<!--#include file="lib/utf-8.asp"-->
<!--#include file="lib/conn.asp"-->
<!--#include file="lib/error_write.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>修改密码</title>
<link rel="stylesheet" href="lib/sheet.css" type="text/css">
</head>

<body topmargin=2 marginheight=0 leftmargin=2>
<%
MM_authorizedUsers=""
MM_grantAccess=false
If Session("MM_Username") <> "" Then
  If (true Or CStr(Session("MM_UserAuthorization"))="") Or _
         (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then
    MM_grantAccess = true
  End If
End If
sub error_write(error_code,error_content)
	response.write "Error:"&cstr(error_code)&"<br>"&error_content&"<br>"
	if error_code=0 then
		response.write "<meta http-equiv='refresh' content='3;URL=javascript:window.close()'>"
		response.write "<a href='javascript:window.close()'>关闭</a> <br>本页面3秒后自动关闭."
	else
		response.write "<a href='javascript:history.go(-1)'> << 返回上一页重新输入</a>"
	end if
	response.end
end sub

If Not MM_grantAccess Then
	response.write("您没有登陆，请登陆后使用!<br>")
	response.end
else
	Set rs = Server.CreateObject("ADODB.Recordset")
	rs.ActiveConnection = conn
	rs.CursorType = 1
	rs.CursorLocation = 2
	rs.LockType = 3
	rs.Source = "SELECT *  FROM yh where user='"&Session("MM_Username")&"'"
	rs.Open()

	If (CStr(Request.form("mm_change_passs")) <> "") Then
		old_pass=""
		if request.form("old_pass").count>0 then
			old_pass=request.form("old_pass").item
			if old_pass="" then
				error_code=4
				error_content="原密码输入错误！!"
				call error_write(error_code,error_content)
			else
				if cstr(old_pass)<>cstr(rs("pass")) then
					error_code=1
					error_content="原密码错误！!"
					call error_write(error_code,error_content)
				end if

			end if
		end if
		new_pass=""
		if request.form("new_pass").count>0 then
			new_pass=request.form("new_pass").item
			if new_pass="" then
				error_code=5
				error_content="新密码错误！!"
				call error_write(error_code,error_content)
			end if
		end if

		ack_pass=""
		if request.form("ack_pass").count>0 then
			ack_pass=request.form("ack_pass").item
			if ack_pass="" then
				error_code=6
				error_content="确认密码错误！!"
				call error_write(error_code,error_content)
			end if
		end if
		if cstr(ack_pass)=cstr(new_pass) then
			if cstr(ack_pass)<>cstr(rs("pass")) then
				rs("pass")=cstr(new_pass)
				'rs("active")=1
				rs.update
				rs.close
				error_code=0
				error_content="密码修改成功！<br>请注销后重新登陆！"
				call error_write(error_code,error_content)
			else
				error_code=7
				error_content="原密码和新密码重复！"
				call error_write(error_code,error_content)
			end if
		else
			error_code=2
			error_content="确认密码和新密码不符合！!"
			call error_write(error_code,error_content)
		end if
	end if
	%>
	<form name="form1" method="post" action="#">
	<TABLE border=1 align=center cellPadding=2 cellSpacing=0 borderColorLight=black borderColorDark=white>
		<tr>
		  <td bgcolor="silver">用户名</td>
		  <td><%=rs("user")%></td>
		  <td bgcolor="silver">权限</td>
		  <td><%=rs("flag")%></td>
		</tr>
		<tr>
		  <td bgcolor="silver">名字</td>
		  <td><%=rs("name")%></td>
          <td bgcolor="silver">称谓</td>
          <td>&nbsp;</td>
	  </tr>
		<tr>
		  <td bgcolor="silver">原密码</td>
		  <td colspan="3"><input name="old_pass" type="password" id="old_pass"></td>
		</tr>
		<tr>
		  <td bgcolor="silver">新密码</td>
		  <td colspan="3"><input name="new_pass" type="password" id="new_pass"></td>
		</tr>
		<tr>
		  <td bgcolor="silver">确认密码</td>
		  <td colspan="3"><input name="ack_pass" type="password" id="ack_pass"></td>
		</tr>
		<tr>
		  <td colspan="4">        <div align="center">
			  <input type="submit" name="Submit" value="提交">
	&nbsp;
	<input name="Reset" type="reset" id="Reset" value="重置">
		  <input type="hidden" name="mm_change_passs" value="true">
		  </div></td>
		</tr>
	  </table>
	</form>
	</body>
	</html>
<%
set rs=nothing

End If
%>
